Security updates for Microsoft Edge (Chromium - based)

Security updates for Microsoft Edge (Chromium - based)

Hello everyone,

 

Security updates for Microsoft Edge (Chromium-based) has been released to fix several vulnerabilities. The details of the vulnerabilities addressed are as follows:


  CVE-ID
  Vulnerability details
  Severity
  CVE-2020-6510
  Heap buffer overflow in background fetch
  Critical
  CVE-2020-6511  
  Side-channel information leakage in content security policy
  High
  CVE-2020-6512
  Type Confusion in V8
  High
  CVE-2020-6513
  Heap buffer overflow in PDFium
  High
  CVE-2020-6514
  Inappropriate implementation in WebRTC
  High
  CVE-2020-6515
  Use after free in tab strip
  High
  CVE-2020-6516
  Policy bypass in CORS
  High
  CVE-2020-6517
  Heap buffer overflow in history
  High
  CVE-2020-6518
  Use after free in developer tools
  Medium
  CVE-2020-6519
  Policy bypass in CSP
  Medium
  CVE-2020-6520
  Heap buffer overflow in Skia
  Medium
  CVE-2020-6522
  Inappropriate implementation in external protocol handlers
  Medium
  CVE-2020-6523
  Out of bounds write in Skia
  Medium
  CVE-2020-6524
  Heap buffer overflow in WebAudio
  Medium
  CVE-2020-6525
  Heap buffer overflow in Skia
  Medium
  CVE-2020-6526
  Inappropriate implementation in iframe sandbox
  Low
  CVE-2020-6527
  Insufficient policy enforcement in CSP
  Low
  CVE-2020-6528
  Incorrect security UI in basic auth
  Low
  CVE-2020-6529
  Inappropriate implementation in WebRTC
  Low
  CVE-2020-6530
  Out of bounds memory access in developer tools
  Low
  CVE-2020-6531
  Side-channel information leakage in scroll to text
  Low
  CVE-2020-6533
  Type Confusion in V8
  Low
  CVE-2020-6534
  Heap buffer overflow in WebRTC
  Low
  CVE-2020-6535
  Insufficient data validation in WebUI
  Low
  CVE-2020-6536
  Incorrect security UI in PWAs
  Low


To patch these vulnerabilities, initiate a sync between Patch Manager Plus server and the Central Patch Repository. Search for the following Patch IDs or Bulletin ID and install them in your target machines

 

Patch ID

Bulletin ID

Patch Description

315105

TU-1035

Microsoft Edge for chromium business (84.0.522.40)

315106

TU-1035

Microsoft Edge for chromium business (x64) (84.0.522.40)

 

Cheers,

The ManageEngine team

                New to ADSelfService Plus?